A new advanced supply chain attack targets the Node Package Manager (NPM) using Google Calendar for covert command and control. Malware hidden in legitimate JavaScript libraries has compromised thousands of development environments, leveraging OAuth tokens and encoded calendar events for communication. This innovative approach makes detection difficult, prompting calls for stricter monitoring and analysis of application usage.
Preventing Phishing Attacks on Cryptocurrency Exchanges
In 2025, cryptocurrency exchanges are enhancing security to combat soaring phishing attacks, which caused losses exceeding $46 million in March alone. Users are warned to
